Nearly 15,000 Shands patients could be identity theft targets

Published: Wednesday, April 3, 2013 at 9:59 a.m.

Last Modified: Wednesday, April 3, 2013 at 9:59 a.m.

The University of Florida sent out letters Tuesday to 14,339 patients of the UF&Shands Family Medicine at Main practice that they may be the victims of identity theft.

An employee at that medical clinic has been arrested for potentially compromising patient personal information as part of an identity theft ring that he is in, according to Jackelyn Barnard, a spokeswoman for the Florida state attorney's office.

Arthur Thomas, 25, of Gainesville was arrested on Tuesday following an investigation that began in late October.

According to a Jacksonville Sheriff's Office report, investigators learned that Thomas was in their area and selling identities of the Shands patients.

An officer stopped a vehicle driven by Thomas for a speeding violation and a search uncovered a duffel bag with about 1,600 personal identities on a computer generated appointment information sheet. They also found several debit cards with names other than Thomas'.

The State Attorney, Internal Revenue Service and the U.S. Secret Service offices allege that Thomas acquired patient insurance information, including names, addresses, dates of birth and Social Security numbers, and potentially shared that information with a third party, according to a UF media release Wednesday.

“The phone's been ringing off the hook” from patients on Wednesday, said Susan Blair, the chief privacy officer for UF.

Patients at Shands Main practice between March 2009 and October 2012 might have been victims of identity theft. UF has been unable to locate the current addresses for 450 patients.

“We don't know how many patients' information was sold,” Blair said.

She added that after being alerted in October to the investigation, “We did our own investigation and found that he was looking at things he should not have been. It was largely demographic information. ... those things that would have value in the marketplace. He did not mess with the medical part of the records.”

“We see these individuals who are bent on criminal activity getting hired into the organization...and go for the express purpose of getting access,” Blair continued.

She added that although Shands does background checks on all employees, people who haven't been caught might slip through the cracks.

“There's a huge concern up and down the state about identity theft,” she said.

In January, Daremia Crews, 24, of Jacksonville, was arrested in for involvement in the identity theft ring that potentially sold patient information from Shands at Jacksonville, where Crews was doing an externship.

According to a Jacksonville Sheriff's report, Crews worked at the Brentwood Primary Center where she allegedly took pictures on her phone of computer screens containing patient information, including names, dates of birth and Social Security numbers.

UF would not disclose what position Thomas held at the Main clinic.

According to Barnard, “Other arrests are pending. It's an active case.”

Blair said this is the first time UF has been implicated in identity theft, although it has been victim of hacking.

“It's very disappointing,” she said. “Right now we have not specifically identified theft associated with the data breach, and I hope it stays that way.”

UF is offering fraud resolution services to patients who suspect or confirm identify theft associated with the incident.

<p>The University of Florida sent out letters Tuesday to 14,339 patients of the UF&Shands Family Medicine at Main practice that they may be the victims of identity theft.</p><p>An employee at that medical clinic has been arrested for potentially compromising patient personal information as part of an identity theft ring that he is in, according to Jackelyn Barnard, a spokeswoman for the Florida state attorney's office.</p><p>Arthur Thomas, 25, of Gainesville was arrested on Tuesday following an investigation that began in late October.</p><p>According to a Jacksonville Sheriff's Office report, investigators learned that Thomas was in their area and selling identities of the Shands patients.</p><p>An officer stopped a vehicle driven by Thomas for a speeding violation and a search uncovered a duffel bag with about 1,600 personal identities on a computer generated appointment information sheet. They also found several debit cards with names other than Thomas'.</p><p>The State Attorney, Internal Revenue Service and the U.S. Secret Service offices allege that Thomas acquired patient insurance information, including names, addresses, dates of birth and Social Security numbers, and potentially shared that information with a third party, according to a UF media release Wednesday.</p><p>“The phone's been ringing off the hook” from patients on Wednesday, said Susan Blair, the chief privacy officer for UF.</p><p>Patients at Shands Main practice between March 2009 and October 2012 might have been victims of identity theft. UF has been unable to locate the current addresses for 450 patients.</p><p>“We don't know how many patients' information was sold,” Blair said.</p><p>She added that after being alerted in October to the investigation, “We did our own investigation and found that he was looking at things he should not have been. It was largely demographic information. ... those things that would have value in the marketplace. He did not mess with the medical part of the records.”</p><p>“We see these individuals who are bent on criminal activity getting hired into the organization...and go for the express purpose of getting access,” Blair continued.</p><p>She added that although Shands does background checks on all employees, people who haven't been caught might slip through the cracks.</p><p> “There's a huge concern up and down the state about identity theft,” she said.</p><p>In January, Daremia Crews, 24, of Jacksonville, was arrested in for involvement in the identity theft ring that potentially sold patient information from Shands at Jacksonville, where Crews was doing an externship.</p><p>According to a Jacksonville Sheriff's report, Crews worked at the Brentwood Primary Center where she allegedly took pictures on her phone of computer screens containing patient information, including names, dates of birth and Social Security numbers.</p><p>UF would not disclose what position Thomas held at the Main clinic.</p><p>According to Barnard, “Other arrests are pending. It's an active case.”</p><p>Blair said this is the first time UF has been implicated in identity theft, although it has been victim of hacking.</p><p>“It's very disappointing,” she said. “Right now we have not specifically identified theft associated with the data breach, and I hope it stays that way.”</p><p>UF is offering fraud resolution services to patients who suspect or confirm identify theft associated with the incident.</p><p><i>Contact Kristine Crane at 338-3119, or kristine.crane@gvillesun.com.</i></p>